Badyl

Fixlog: http://wklej.org/id/1742584/

Raporty: FRST http://wklej.org/id/1740653/ Addition http://wklej.org/id/1740654/

Raport z malware http://wklej.org/id/1740590/ A w skrócie: Klucze rejestru: 42 PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{202BE901-CCC4-497C-B648-369D7F516B34}, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{202BE901-CCC4-497C-B648-369D7F516B34}, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P202BE901_CCC4_497C_B648_369D7F516B34_.P202BE901_CCC4_497C_B648_369D7F516B34_, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\P202BE901_CCC4_497C_B648_369D7F516B34_.P202BE901_CCC4_497C_B648_369D7F516B34_.9, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P202BE901_CCC4_497C_B648_369D7F516B34_.P202BE901_CCC4_497C_B648_369D7F516B34_, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P202BE901_CCC4_497C_B648_369D7F516B34_.P202BE901_CCC4_497C_B648_369D7F516B34_.9, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P202BE901_CCC4_497C_B648_369D7F516B34_.P202BE901_CCC4_497C_B648_369D7F516B34_, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\P202BE901_CCC4_497C_B648_369D7F516B34_.P202BE901_CCC4_497C_B648_369D7F516B34_.9, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3231666761-2226524148-1626495936-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{202BE901-CCC4-497C-B648-369D7F516B34}, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3231666761-2226524148-1626495936-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{202BE901-CCC4-497C-B648-369D7F516B34}, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{202BE901-CCC4-497C-B648-369D7F516B34}, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{202BE901-CCC4-497C-B648-369D7F516B34}, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{202BE901-CCC4-497C-B648-369D7F516B34}\INPROCSERVER32, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.CommonDots.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c3842ff3-4633-4f81-a633-a8175a7f2884}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{0e71170c-474d-49d7-8c77-71e47eec6176}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{053D37C0-21EE-4C83-AF51-FAECF7AF498B}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{053D37C0-21EE-4C83-AF51-FAECF7AF498B}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{053D37C0-21EE-4C83-AF51-FAECF7AF498B}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{0e71170c-474d-49d7-8c77-71e47eec6176}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{0e71170c-474d-49d7-8c77-71e47eec6176}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C3842FF3-4633-4F81-A633-A8175A7F2884}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C3842FF3-4633-4F81-A633-A8175A7F2884}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKU\S-1-5-21-3231666761-2226524148-1626495936-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C3842FF3-4633-4F81-A633-A8175A7F2884}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.CommonDots.A, HKU\S-1-5-21-3231666761-2226524148-1626495936-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C3842FF3-4633-4F81-A633-A8175A7F2884}, , [19ae754633572f0730be1698fd068a76], PUP.Optional.SecureWeb.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D3C24E2B-C820-4492-9B69-11BF7163F998}, , [f3d4566599f150e679481359a26143bd], PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [8f380ab16426e0562272a8e663a2d12f], PUP.Optional.FFPluginHp.A, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp, , [567112a99bef181e89d7b241966dfe02], PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [299e0dae226866d0a9dbc65393714cb4], PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [e2e5d1ea4545f5416f25088629dc45bb], PUP.Optional.ProductSetup.A, HKU\S-1-5-21-3231666761-2226524148-1626495936-1002\SOFTWARE\PRODUCTSETUP, , [b314eccfee9ce353fd514e4252b33dc3], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{ABE4560D-84F2-4AC2-8687-A3068DC7486A}, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\CLASSES\CLSID\{ABE4560D-84F2-4AC2-8687-A3068DC7486A}, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\CLASSES\PABE4560D_84F2_4AC2_8687_A3068DC7486A_.PABE4560D_84F2_4AC2_8687_A3068DC7486A_, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\CLASSES\PABE4560D_84F2_4AC2_8687_A3068DC7486A_.PABE4560D_84F2_4AC2_8687_A3068DC7486A_.9, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PABE4560D_84F2_4AC2_8687_A3068DC7486A_.PABE4560D_84F2_4AC2_8687_A3068DC7486A_, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PABE4560D_84F2_4AC2_8687_A3068DC7486A_.PABE4560D_84F2_4AC2_8687_A3068DC7486A_.9, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\PABE4560D_84F2_4AC2_8687_A3068DC7486A_.PABE4560D_84F2_4AC2_8687_A3068DC7486A_, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\PABE4560D_84F2_4AC2_8687_A3068DC7486A_.PABE4560D_84F2_4AC2_8687_A3068DC7486A_.9, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKU\S-1-5-21-3231666761-2226524148-1626495936-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{ABE4560D-84F2-4AC2-8687-A3068DC7486A}, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKU\S-1-5-21-3231666761-2226524148-1626495936-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{ABE4560D-84F2-4AC2-8687-A3068DC7486A}, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{ABE4560D-84F2-4AC2-8687-A3068DC7486A}, , [e4e3caf15e2cd75fb8e1074656b0a25e], PUP.Optional.BestAdBlocker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{ABE4560D-84F2-4AC2-8687-A3068DC7486A}, , [e4e3caf15e2cd75fb8e1074656b0a25e], Wartości rejestru: 4 PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [8f380ab16426e0562272a8e663a2d12f] PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [e2e5d1ea4545f5416f25088629dc45bb] PUM.Bad.Proxy, HKU\S-1-5-21-3231666761-2226524148-1626495936-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, 127.0.0.1:8118, , [62653f7c2a6075c109eb1969d0350af6] PUP.Optional.ProductSetup.A, HKU\S-1-5-21-3231666761-2226524148-1626495936-1002\SOFTWARE\PRODUCTSETUP|tb, , [b314eccfee9ce353fd514e4252b33dc3], Dane rejestru: 0 (Nie wykryto zagrożeń) Foldery: 2 PUP.Optional.PriceMinus.A, C:\Program Files (x86)\PrIcEEMinUs, , [982fd2e90f7b0135ed4bdfab18ed15eb], PUP.Optional.PrxySvrRST, C:\Users\Bartosz\AppData\Roaming\Updater, , [4087e5d6bdcdd75f6ec5147cf60fe41c], Pliki: 20 PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PrIcEEMinUs\XOiUHzktXN5NpO.x64.dll, , [b6116457d7b3c274c3b83539c43e2ed2], PUP.Optional.MultiPlug.A, C:\FRST\Quarantine\C\Program Files (x86)\bestadblocker\DpC57eoTDunwbZ.dll, , [83443c7f5e2c2f071f5c75f9976ba45c], PUP.Optional.MultiPlug.A, C:\FRST\Quarantine\C\Program Files (x86)\bestadblocker\DpC57eoTDunwbZ.x64.dll, , [10b7407b85058bab6a11531bd929f30d], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugincontainer.bak, , [1daabb001e6cb97d6d356d157d8915eb], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugincontainer.exe, , [8e396c4f82081c1a81210e74e81ef907], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugins\2\Plugin.exe, , [c205ead1fa9085b1b5edf19129dd4cb4], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugins\2bak\Plugin.exe, , [d8efb00b75157db90e94b4ce818524dc], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugins\3\Plugin.exe, , [8d3aebd0c7c3003600a2f98932d4817f], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugins\3bak\Plugin.exe, , [9a2df1cae5a560d6e7bb3f435babe11f], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugins\5\Plugin.exe, , [7354d8e34545a492742ecbb77393dd23], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugins\5bak\Plugin.exe, , [794e8635a5e5ae8841618ef40006ff01], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugins\8\Plugin.exe, , [4087a516800a0c2ac3dfadd5de28d12f], PUP.Optional.CommonDots.A, C:\FRST\Quarantine\C\ProgramData\10d68142-4184-4238-be73-f262bcead1ff\plugins\8bak\Plugin.exe, , [11b62d8e6f1bb581534f067ca264cc34], PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PrIcEEMinUs\XOiUHzktXN5NpO.dll, , [ecdb2398a0ea6acc215a77f741c116ea], PUP.Optional.CommonDots.A, C:\Users\Bartosz\AppData\Local\Temp\~nsu.tmp\Au_.exe, , [d2f5d0eb6e1c96a080228ff36d991de3], Trojan.Dropper, C:\Users\Bartosz\AppData\Roaming\Updater\winupd.exe, , [6f58d0eba2e8fb3baac5bbbab64a5aa6], PUP.Optional.PriceMinus.A, C:\Program Files (x86)\PrIcEEMinUs\XOiUHzktXN5NpO.tlb, , [982fd2e90f7b0135ed4bdfab18ed15eb], PUP.Optional.PriceMinus.A, C:\Program Files (x86)\PrIcEEMinUs\XOiUHzktXN5NpO.dat, , [982fd2e90f7b0135ed4bdfab18ed15eb], PUP.Optional.PrxySvrRST, C:\Users\Bartosz\AppData\Roaming\Updater\winupd.exe, , [4087e5d6bdcdd75f6ec5147cf60fe41c], PUP.Optional.PrxySvrRST, C:\Users\Bartosz\AppData\Roaming\Updater\tasks.dll, , [4087e5d6bdcdd75f6ec5147cf60fe41c], Sektory fizyczne: 0 (Nie wykryto zagrożeń) Wykryto 68 zagrożeń - usunąłem.

@jessica co masz na myśli? Co do tematu: Malwarebytes skanuje od godziny i wykrył do tej pory 41 zagrożeń (dalej skanuje)

Raport http://wklej.org/id/1740441/

Odinstalowane. FRST: http://wklej.org/id/1740402/ Dzięki za zainteresowanie.

Witam, Ostatnio, korzystając z przeglądarki, Avast informuje mnie o zagrożeniu typu ULR:Mal. Komunikat pojawia się dosyć często. Przeskanowałem system używając skanowania podczas uruchomienia systemu (Avast) i wykryło mi zarażone pliki, które usunąłem. Niestety problem nadal jest. Przeskanowałem komputer programami OTL oraz FRST (Logi poniżej). Proszę o pomoc! OTL http://wklej.org/id/1740356/ Extras http://wklej.org/id/1740357/ FRST http://wklej.org/id/1740361/ Addition http://wklej.org/id/1740363/ Shortcut http://wklej.org/id/1740364/